Signing a file allows you to check that the file was not modified or altered since it was signed. The signature also allows you to check the issuer identity.

By using the Windows certificates, WINDEV allows you to sign:

files or data strings.

emails.

Versions 18 and laterexecutables.

New in version 18executables.

executables.

The signature standard used is PKCS7.

The certificates

Two types of certificates exist:

the "qualified" certificates.

the "non-qualified" certificates.

A "qualified" certificate is delivered by a trusted authority (Verisign, Thawte, ...) and it must be purchased in most cases. A "qualified" certificate is mainly used when the files are distributed outside the company or the organization. For example, files proposed for download.

A "non-qualified" certificate can be directly created by a user from Windows. A "non-qualified" certificate can be sufficient for an internal company or for an organization.

Windows includes a "certificate store" in which the user certificates (also called custom certificates) are installed.

Versions 18 and laterYou also have the ability to sign an executable via CertificateSignExecutable. In this case, the signature is included in the executable file.

New in version 18You also have the ability to sign an executable via CertificateSignExecutable. In this case, the signature is included in the executable file.

You also have the ability to sign an executable via CertificateSignExecutable. In this case, the signature is included in the executable file.

You also have the ability to sign and check the signature of duplicate files. See Printing duplicates for more details.

Using the certificates to sign an email

Signing an email and its attachments allows you to check later that these elements have not been modified or altered since they were signed. The signature also allows you to check the issuer identity.

To sign an email, all you have to do is specify the certificate used in the properties of Email variable. The Certificate variable containing the certificate to use is associated with the ..Certificate property of the Email variable containing the email to send.

The integrity of an incoming email is checked by testing the value of the ..Signature property of the Email variable containing the incoming email.